SCS-C01: AWS Certified Security Specialist, Part 4 of 6: Identity and Access MGMT
with expert Zeal Vora
Course description
Amazon Web Services Certified Security Specialty is an exam intended to validate an individuals experience in a security role. This course covers Domain 4 Identity and Access Management which counts for 20% of the exam.
Prerequisites
two years of hands-on experience securing AWS and 5 years or more in IT security experience designing and implementing security solutions.
Meet the expert
Zeal works primarily as a Cloud Security Consultant guiding organizations to re-build their infrastructure with security in mind. Zeal also holds more then 13+ certifications ranging from RedHat Certified Architect to AWS Security.
Course outline
Module 11
AWS Organizations (30:48)
- Introduction (00:08)
- AWS Organizations (07:06)
- Demo: AWS Organizations (05:40)
- OU in AWS Organization (06:11)
- IAM Policy Evaluation Logic (11:33)
- Summary (00:08)
Identiy and Resource Based Policy (53:08)
- Introduction (00:08)
- Identity and Resource Based Policy (07:47)
- Access Management (15:05)
- StartStop EC2 (11:56)
- Identity Account Architecture (09:21)
- Cross Account IAM Practical (08:42)
- Summary (00:08)
Module 12
External ID in Delegation (29:36)
- Introduction (00:08)
- External ID (09:26)
- EC2 Instance Metadata (07:44)
- IAM Role (07:38)
- How IAM Role Works (04:30)
- Summary (00:08)
IPTABLES and Instance Meta-data (31:41)
- Introduction (00:08)
- IPTABLES and Instance Metadata (05:25)
- IAM Policy Element (09:56)
- IAM Policy Variables (04:43)
- Principal and NotPrincipal (07:25)
- Demo: NotPrincipal Element (03:55)
- Summary (00:08)
Condition Element (37:04)
- Introduction (00:08)
- Condition Element (07:08)
- AWS STS (16:55)
- Federation (12:44)
- Summary (00:08)
Module 13
SAML (30:22)
- Introduction (00:08)
- SAML (10:37)
- AWS SSO (06:17)
- Implementing AWS SSO (08:06)
- Integrate AWS CLI with SSO (05:05)
- Summary (00:08)
AWS Cognito (31:51)
- Introduction (00:08)
- Amazon Cognito (07:48)
- Active Directory - Integration (04:13)
- AWS Directory Service (08:41)
- Domain Join EC2 with Simple AD (10:51)
- Summary (00:08)
Module 14
Trusts in Active Directory (37:53)
- Introduction (00:08)
- Trusts in Active Directory (07:26)
- S3 Bucket Policy (12:09)
- Regaining Access to Locked S3 Bucket (05:09)
- Cross Account S3 Access (12:52)
- Summary (00:08)
Canned ACL (41:06)
- Introduction (00:08)
- Canned ACL (08:55)
- Presigned URLs (08:57)
- S3 Versioning (09:48)
- S3 Cross Region Replication (04:16)
- S3 Object Lock (08:52)
- Summary (00:08)
Module 15
MFA Protected API Access (26:22)
- Introduction (00:08)
- MFA Protected API Access (09:56)
- IAM Permission Boundary (09:39)
- IAM and S3 (06:31)
- Summary (00:08)
Troubleshooting IAM Policies (21:39)
- Introduction (00:08)
- Troubleshooting IAM Policies (01:46)
- Troubleshooting Solution - Policy 01 (04:46)
- Troubleshooting Solution - Policy 02 (05:28)
- Troubleshooting Solution - Policy 03 (04:24)
- Troubleshooting Solution - Policy 04 (01:24)
- Troubleshooting Solution - Policy 05 (03:32)
- Summary (00:08)
AWS Control Tower (32:55)
- Introduction (00:08)
- AWS Control Tower (15:27)
- Service Role and Pass Role (12:42)
- Amazon Workmail (04:28)
- Summary (00:08)